nvd-json-data-feeds/CVE-2024/CVE-2024-510xx/CVE-2024-51074.json

{
  "id": "CVE-2024-51074",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-11-22T16:15:33.860",
  "lastModified": "2024-11-25T21:15:20.390",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incorrect access control in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to arbitrarily change odometer readings in the vehicle by targeting the instrument cluster through the unsecured CAN network."
    },
    {
      "lang": "es",
      "value": "Control de acceso incorrecto en Instrument Cluster KIA Seltos Software v1.0, Hardware v1.0 permite a atacantes cambiar arbitrariamente las lecturas del od\u00f3metro en el veh\u00edculo."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "attackVector": "PHYSICAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 5.3
      }
    ]
  },
  "references": [
    {
      "url": "https://en.wikipedia.org/wiki/CAN_bus",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/nitinronge91/KIA-SELTOS-Cluster-Vulnerabilities/blob/0446f6fe6299eb39310e996c73d5513e70d76353/CVE/Odometer%20Manipulation%28Increase%29%20for%20KIA%20SELTOS%20Cluster%20CVE-2024-51074.md",
      "source": "cve@mitre.org"
    }
  ]
}